//package io.mvvm.security.filter;
//
//import com.alibaba.fastjson.JSON;
//import io.mvvm.common.entity.AjaxResponse;
//import io.mvvm.security.service.IUserDetailsService;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.GrantedAuthority;
//import org.springframework.security.core.context.SecurityContextHolder;
//import org.springframework.stereotype.Component;
//import org.springframework.util.AntPathMatcher;
//import org.springframework.web.filter.OncePerRequestFilter;
//
//import javax.annotation.Resource;
//import javax.servlet.FilterChain;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//import java.util.Collection;
//import java.util.Set;
//import java.util.stream.Collectors;
//
///**
// * @program: seize-login
// * @description: URL权限验证
// * @author: 潘
// * @create: 2021-05-15 02:35
// **/
//@Component
//public class UrlAuthenticationFilter extends OncePerRequestFilter {
//
//    @Resource
//    private IUserDetailsService userDetailsService;
//
//    @Override
//    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
//        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
//        // 如果为空则验证用户访问是是否为公共资源
//        if (null == authentication) {
//            Set<String> common = userDetailsService.getMenusByRole("common");
//            if (!hasPermission(httpServletRequest.getRequestURI(), common)) {
//                ajaxResponse(httpServletResponse);
//                return;
//            }
//        } else {
//            Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
//            if (authorities.isEmpty()) {
//                ajaxResponse(httpServletResponse);
//                return;
//            }
//            Set<String> roles = authorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet());
//            Set<String> urls = userDetailsService.getMenusByRoles(roles);
//            if (!hasPermission(httpServletRequest.getRequestURI(), urls)) {
//                ajaxResponse(httpServletResponse);
//                return;
//            }
//        }
//        filterChain.doFilter(httpServletRequest, httpServletResponse);
//    }
//
//    public boolean hasPermission(String requestUrl, Set<String> urls) {
//        // 路径匹配器
//        AntPathMatcher antPathMatcher = new AntPathMatcher();
//        for (String url : urls) {
//            if (antPathMatcher.match(url, requestUrl)) {
//                return true;
//            }
//        }
//        return false;
//    }
//
//    private void ajaxResponse(HttpServletResponse httpServletResponse) {
//        AjaxResponse response = new AjaxResponse();
//        response.setCode(-1);
//        response.setMsg("无权限访问");
//
//        httpServletResponse.setContentType("application/json; charset=utf-8");
//        try {
//            httpServletResponse.getWriter().write(JSON.toJSONString(response));
//        } catch (IOException e) {
//            e.printStackTrace();
//        }
//    }
//}
